package publics.util;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.struts2.dispatcher.mapper.ActionMapping;
import org.junit.runner.Request;
import org.springframework.beans.MethodInvocationException;

import com.sun.corba.se.spi.orbutil.fsm.Input;

public class AccessInterceptor implements MethodInterceptor {

	/** 此类是实现权限验证的拦截器，由spring管理进行权限验证
	 * 目前还未启用，现在用的是LevelInterceptor
	 * @see org.aopalliance.intercept.MethodInterceptor#invoke(org.aopalliance.intercept.MethodInvocation)
	 */
	public Object invoke(MethodInvocation invocation) throws Throwable {
		HttpServletRequest request = null;
		ActionMapping mapping = null;
		Object []args = invocation.getArguments();
		
		for(int i = 0; i < args.length; i++){  //取得 request  和  actionmapping
			if(args[i] instanceof HttpServletRequest){
				request = (HttpServletRequest)args[i]; 
			}
			if(args[i] instanceof ActionMapping){
				mapping = (ActionMapping)args[i];
			}
		}
		HttpSession session = request.getSession();
		Integer level = (Integer)session.getAttribute("level");//得到用户的权限
		String user = (String)session.getAttribute("user");//得到用户名
		//得到用户的权限，开始验证
		if((user!= null) && (level != null)){//如果  用户名  和  权限  都不为空
			if(level == 1){
				
			}else if(level == 2){
				
			}else if(level == 3){
				
			}else if(level == 4){
				
			}else if(level == 5){
				
			}else if(level == 6){
				
			}else if(level == 7){
				
			}else if(level == 8){
				
			}else{
				return null;//mapping.setResult();  未完成
			}
			
			
			
			invocation.proceed();
		}else{
			return null;
		}
		
		return null;
	}

}
